<?php 

//$response["ERROR"] = 		0				1	
//$response["MESSAGE"] = "BLOCKED_USER"	  "NEXT"			

if (true) {
	// get tag
    $telephone 	= $_GET['telephone'];
	$imei		= "354303051341212";
	$register_date = date("Y-m-d H:i:s");
	
    //Connect to database
	include '../dbc.php';
	include 'sendsms.php';
	
	//Check if we have such user
	$sql_check	= "SELECT * FROM user WHERE telephone='$telephone'";
	$sql_check_result = mysql_query($sql_check);
	if(mysql_num_rows($sql_check_result) < 1){
		// Need to register a new user
		$sql_add = "INSERT INTO user(telephone,imei,name,description,profile_picture,last_login,register_date,is_blocked,is_activated) VALUES ";
		$sql_add = $sql_add."('$telephone','$imei','','','','','$register_date','0','0')";
		$sql_add_result = mysql_query($sql_add);
		// Insert into user
		$sql_select = "SELECT * FROM user WHERE telephone='$telephone'";
		$sql_select_result = mysql_query($sql_select);
		$sql_select_result_row = mysql_fetch_array($sql_select_result);
		$uid = $sql_select_result_row['id'];
		// Set user_verify
		// Set expiry time to 30 minutes later
		
		$unixNow = time();
		$unixNow = $unixNow + 60*30;
		$expiry_date = date("Y-m-d H:i:s",$unixNow);
		// Generate random 4 digit number
		$digits = 4;
		$passcode = rand(pow(10, $digits-1), pow(10, $digits)-1);
		$sql_insert = "INSERT INTO user_verify(user,passcode,expiry_date) VALUES ('$uid','$passcode','$expiry_date')";
		$sql_insert_result = mysql_query($sql_insert);
		
		//Send SMS
		//sendsms($telephone,$passcode);
		
		$response["ERROR"] = 0;
    	$response["MESSAGE"] = "NEXT";
		echo json_encode($response);
		
	}else{
		// Look for if it is blocked
		$sql_check_result_row = mysql_fetch_array($sql_check_result);
		if($sql_check_result_row['is_blocked'] == 1){
			// Users being blocked
			$response["ERROR"] = 1;
    		$response["MESSAGE"] = "BLOCKED_USER";
			echo json_encode($response);
		}else{
			// Users not being blocked
			if($sql_check_result_row['is_activated'] == 0){
				// re-entering the code because unable to activate
				$uid = $sql_check_result_row['id'];
				$sql_update ="UPDATE user SET imei='$imei' WHERE id='$uid'";
				$sql_update_result = mysql_query($sql_update);
					
				// Send new SMS
				// Set expiry time to 30 minutes later
				$unixNow = time();
				$unixNow = $unixNow + 60*30;
				$expiry_date = date("Y-m-d H:i:s",$unixNow);
							
				// Generate random 4 digit number
				$digits = 4;
				$passcode = rand(pow(10, $digits-1), pow(10, $digits)-1);
				
				$sql_resend = "UPDATE user_verify SET passcode='$passcode' WHERE user='$uid'";
				//$sql_resend = "UPDATE user_verify SET passcode='$passcode',expiry_date='$expiry_date' WHERE user='$uid'";
				$sql_resend_result = mysql_query($sql_resend);
					
				//sendsms($telephone,$passcode);
				
				$response["ERROR"] = 0;
    			$response["MESSAGE"] = "NEXT";
				echo json_encode($response);
				
			}else{
				// Activated before. Changing to new phone or normal login
				if($sql_check_result_row['imei'] == $imei){
					// Normal login (imei matches with telephone
					$response["ERROR"] = -1;
    				$response["MESSAGE"] = "NEXT";
					echo json_encode($response);
				}else{
					// Changing to a new phone
					$uid = $sql_check_result_row['id'];
					$sql_update ="UPDATE user SET imei='$imei' WHERE id='$uid'";
					$sql_update_result = mysql_query($sql_update);
					
					// Send new SMS
					// Set expiry time to 30 minutes later
					$unixNow = time();
					$unixNow = $unixNow + 60*30;
					$expiry_date = date("Y-m-d H:i:s",$unixNow);
					
					// Generate random 4 digit number
					$digits = 4;
					$passcode = rand(pow(10, $digits-1), pow(10, $digits)-1);
					
					$sql_resend = "UPDATE user_verify SET passcode='$passcode',expiry_date='$expiry_date' WHERE user='$uid'";
					$sql_resend_result = mysql_query($sql_resend);
					
					//sendsms($telephone,$passcode);
					
					$response["ERROR"] = 0;
    				$response["MESSAGE"] = "NEXT";
					echo json_encode($response);
					
				}
			}
		}
	}
} else {
    $response["ERROR"] = 2;
    $response["MESSAGE"] = "REQUEST_DENIED";
	echo json_encode($response);
}

?>
